[c-nsp] Strange bug in Catalyst 6500 + SUP720 + ACL

Juan Angel Menendez juan at mecon.gov.ar
Tue Feb 6 16:51:48 EST 2007



	Hi all,

	I have the folllowing configuration:

	interface vlan 7
	ip address 10.11.0.0 255.255.0.0
	ip access-group 170 out

	and then ...

	access-list 170 permit tcp any any established
	access-list 170 permit tcp any any range 1018 1023

	I've found this ACL will permit any tcp connection to network 
10.11.0.0 to any port.

	IOS Version is 12.2(18)SXE6

	Any ideas ?

Regards
Juan



More information about the cisco-nsp mailing list